Problem with traceroute passing through Firewalls balanced with ACE
I'm having lots of problems allowing traceroute through some firewalls balanced by a couple of ace service modules (on cat 6500). As explained by the cisco configuration guide I'm using hash predictors to keep traffic persistent on the right firewall but this clearly doesn't work with traceroute because, with the exception of the last hop of a trace, the destination IP for the echo request on the way out is always different from the source IP of the echo replay on the way in. The result is that ashes calculated by the ace modules are different an traffic doesn't flow always through the same firewall.
I hope I've been clear explaining my situation and it would be great if someone could help me.
This document will provide screenshots to outline the steps to setup
TACACS+ configuration to ACI and also the configuration required on
Cisco ACS server. Please find the official Cisco guide for configuring
TACACS+ Authentication to ACI:
Is it supported or NOT supported? It's a frequently asked question.
Before APIC, release 2.3(1f), transit routing was not supported within a
single L3Out profile. In APIC, release 2.3(1f) and later, you can
configure transit routing with a single L3Out pr...
Cisco Documents are usually accurate, but when it came to the document
on Cisco APIC Signature-Based Transactions it was slightly off the mark.
This document is for those novices to API like me who cant seem to
figure out how to go about performing signat...